Setu Kumar Basak

Co-authored papers

2025

• AssetHarvester: A Static Analysis Tool for Detecting Secret-Asset Pairs in Software Artifacts

  Proceedings of the IEEE/ACM International Conference on Software Engineering

  Setu Kumar Basak, K. Virgil English, Ken Ogura, Vitesh Kambara, Bradley Reaves, and Laurie Williams

  DOI PDF

  Static analysis can automatically detects secret-asset pairs across software artifacts, enabling developers to distinguish benign and catastrophic credential exposure.

2023

• What Challenges Do Developers Face About Checked-in Secrets in Software Artifacts?

  Proceedings of the IEEE/ACM International Conference on Software Engineering

  Setu Kumar Basak, Lorenzo Neil, Bradley Reaves, and Laurie Williams

  DOI

  This qualitative analysis of 779 Stack Exchange questions shows developers face 27 challenges managing checked-in secrets in source code.

• SecretBench: A Dataset of Software Secrets

  Mining Software Repositories Data and Showcase Track

  Setu Kumar Basak, Lorenzo Neil, Bradley Reaves, and Laurie Williams

  DOI PDF

  A labeled benchmark of 97,479 secrets across 818 GitHub repositories enables systematic evaluation of secret detection tools.